Modem/Router for VPN?

Soldato
Joined
18 Apr 2003
Posts
2,674
Location
England
I'm with Surfshark & while the Windows app works well with the Geolocation restriction on a certain streaming media service, it is very poor with SmartDNS when using the TV app or Roku.
Also in the process of changing ISP's to NowTV & have a Home hub two on the way.

I was thinking the Asus RT-AC86u or the RT-AX86u with VPN & not use the Home hub two.
Still learning about Open Source firmware & excited about setting it up.

NowTV apparently use MER option61 I think & there are guides to extracting the login details from the Home hub two but I was wondering which of the Asus routers would be best? Or a different make.
My WiFi needs are not much, just a phone, Roku4k, RokuHD which a cheap dual band repeater is feeding very well atm.

Whichever modem/router is the best option? thanks
 
Soldato
Joined
29 Dec 2002
Posts
7,176
NowTV is Sky, Sky use DHCP 60/61 for authentication, not MER, no need to extract the u/p anymore, that stopped years ago, you just need to put random data in the appropriate field in the right format. The bigger issue is that running a VPN via the router will give exactly the same problem with streaming services as running it on the PC, also consider that if you run the VPN on the router most lack hardware acceleration - how fast is NowTV suggesting your connection will be? Just paying for 80/20 and only getting half that and paying over the odds for hardware to do that doesn’t seem like a great way to do things.
 
Soldato
OP
Joined
18 Apr 2003
Posts
2,674
Location
England
Ok thanks. What do you suggest would be a good option to get the best out of the VPN & to use a wireless device with control over the geo location?
The streaming service runs fine from the PC when changing location with the app.
Whats 80/20? NowTV say I will get 45-65mbits with a minimum of 40. My current ISP Talktalk is letting me have 45mbits even though paying for 65 but I've had 65 in the past.
 
Soldato
OP
Joined
18 Apr 2003
Posts
2,674
Location
England
Been with NowTV (Sky) a week at 45/15 24ping (drops even more during peak times) -moaning at them after a few days didn't help, previously Talktalk were 45/18 13ping (unaffected by peak times).
Then bought the Asus RT-AX86u for £230 (less £10 for a failed 1st delivery), the AC86u was out of stock in the rain forest/not on OcUK & increased in price from £135 to £157.
There's no Merlin firmware for the AX86u so no option61, even though I extracted the login details from the NowTV router just in case lol.
Managed get the AX86u working with a double NAT & even the VPN works great although its a bit crippled due to being like a repeater.
Decided leave NowTV & after telling them they immediately improved my connection to 50/17 13ping though still drops during peak times... leaving anyway due to their option61 & they don't even want their 2 port no WAN router back.
I already have a Talktalk router with a WAN port. I can't find what protocol connection Talktalk use, I presume they don't use opt61 & will be ok for the Asus router?
Unless anyone can recommend a better ISP who use a modem/router with a WAN & have no funky login issues? ta
 
Soldato
Joined
29 Dec 2002
Posts
7,176
For a router to be a router it has to have a WAN interface, it can be a RJ45 or for example an RJ11 direct to the socket/filter. Ping is not something your ISP controls in the way you infer, it can control on network routing/latency, but once it goes off network you are at the mercy of 3rd party peering/routing on other networks and the server at the other end, it’ll vary depending on the remote server you are connecting to and the load on it and the networks between your ISP and it.

I just don’t get why you would pay 1/3 more for a router that won’t do what you want as you had already ignored the advice given and extracted details you didn’t need, and then blame your ISP because it didn’t work. All other FTTC providers I can think of use PPPoE, you could have spent a lot less and got something a lot better (£10 modem, £60-100 SFF, £60-70 AP, run *sense, Untangle, Sophos etc). It would have worked with whatever ISP you ended up with or connection type and easy upgrades if you want faster WiFi etc. down the road. Plusnet would be my suggestion, but anyone will do.
 
Soldato
OP
Joined
18 Apr 2003
Posts
2,674
Location
England
I'm learning about networking.
Moved back to Talktalk & already have their router with a WAN port. Also installed an Openreach mk4 master socket (likely a clone of the BT version).
When moving to NowTV I did not know they used opt61 or the router did not support opt61, though Merlin may support it in the future.
Surfshark was easy to setup on the ax86u so just waiting for the move to Talktalk now.
 
Soldato
Joined
29 Dec 2002
Posts
7,176
You’ve got it the wrong way round, Openreach used to be part of BT, they are now a legally separate company who manage the last mile of the former BT network for all ISP’s who use it. You knew Sky/NTV used DHCP 60/61 from the reply above in August, that was before you ordered the router as you asked for recommendations in your follow up. Other firmwares exist that aren’t Merlin that offer support for DHCP60/61 or can be made to pass credentials over in the correct format, I would suggested looking at them, but it’s a moot point at this stage. Also having a TT router isn’t going to do you much good, you have an AX86 which presumably you’d be using with a modem or you’ll be in exactly the same situation with double NAT by plugging the AX86U into the TT Hub.
 
Soldato
OP
Joined
18 Apr 2003
Posts
2,674
Location
England
Ok, I can't find any none Asus firmware for the ax86u to get opt61.
I thought I may need a modem, something like the vigor130 which i've read is difficult to work with opt61.
 
Soldato
Joined
29 Dec 2002
Posts
7,176
The modem doesn’t know or care about authentication standard used by your ISP, and you’re already moving back to TT. I would suggest grabbing an ex BT Openreach ECI or HG612 modem for circa £10 used, both will support FTTC, you may see a minor improvement by chipset matching whatever is in your cabinet.
 
Soldato
OP
Joined
18 Apr 2003
Posts
2,674
Location
England
Ok 1st day with talktalk & no opt61 so I can use my own router now (thanks offcom).
Got a vigor130 which connects on vdsl2 & ipoe allowed the router to connect.
Took some faffing to get the ax86u (192.168.50.x) to work through wan as automatic ip not pppoe but now can't access modem settings on 192.168.2.1 anymore.
There's lots of settings on the modem & router I have no idea what they are & just got it working by choosing random settings as there's no guide online.
 
Soldato
OP
Joined
18 Apr 2003
Posts
2,674
Location
England
These settings are as official as I can find which work. Only issue left is accessing modem settings page to view line stats, but a workaround is to set the WAN as static (see below) & then have no Internet but can at least access the modem without plugging it into a PC & changing its IP range.

Vigor130 modem settings for Talktalk fibre (VDSL2):
Internet Access-
General setup:
DSL mode: VDSL2 only
ADSL: Disable
VDSL2: Enable / Customer Tag value 101 / Service Tag value Disable
PPPoE / PPPoA:
Disable
MpoA / Static or dynamic IP:
Enable
Encapsulation= 1483 Bridged IP LLC
VPI=0
VCI=101
Modulation=Multimode
MTU=1492
Default MAC Address
DNS Server IP Address (these are for Google)
Primary 8.8.8.8
Secondary 8.8.4.4
PRESS OK TO ENABLE BRIDGED MODE
LAN-
General Setup:
1st IP 192.168.2.1 (IP of modem)
1st Subnet 2555.255.255.0
DHCP Server Configuration:
Disable Server!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Asus AX86u settings & likely other routers-
WAN:
WAN Connection Type=Automatic IP
Enable WAN=Yes
Enable NAT=Yes
Enable UpnP=Yes
Enable WAN Aggregation=No (for 1 modem)
Connect to DNS Server automatically=Yes
Authentication=None
DHCP=Aggressive Mode
Extend TTL=No
Spoof LAN TTL=No
LAN:
LAN IP
IP Address=192.168.1.1 (IP of router & different to modem)
Subnet Mask 255.255.255.0
DHCP Server
Enable DHCP Server=Yes
IP Pool Starting Address 192.168.1.2
IP Pool Ending Address 192.168.1.254
Lease time=86400
Default Gateway 192.168.1.1 (router IP)
Enable Manual Assignment=Yes

TO ACCESS MODEM SETTINGS ON ITS IP SET ABOVE AS 192.168.2.1
To see line stats but will be unable to access Internet!
WAN:
WAN Connection Type=Static IP
Enable WAN=Yes
Enable NAT=Yes
Enable UpnP=Yes
Enable WAN Aggregation=No (for 1 modem)
WAN IP Settings
IP Address 192.168.2.100 (something other than modem IP)
Subnet Mask 255.255.255.0
Default Gateway 192.168.2.10
DNS Server1 8.8.8.8
DNS Server2 8.8.4.4
Authentication=None
Extend TTL=No
Spoof LAN TTL=No
 
Soldato
Joined
29 Dec 2002
Posts
7,176
Rather than point out everything that is wrong with your previous two posts, how about I just provide simple instructions on how to do it properly?

Make sure the Draytek is on a different subnet to the ASUS, for example:

Draytek 192.168.2.1
ASUS 192.168.1.1

Set the ASUS as follows:
Advance Settings > LAN > LAN IP and set the IP address as 192.168.1.1, then Advanced Settings > WAN > Internet Settings, change Get the Wan IP Address Automatically to ‘No’ and manually set 192.168.2.2 - it needs to be in the same range as the Draytek, but not .1 obviously, Subnet 255.255.255.0, Default Gateway 192.168.2.1, as you seem to like Google DNS, set WAN DNS to 8.8.8.8 and 8.8.4.4 and as if by magic you can access the Draytek’s UI now via http://192.168.2.1 and your internet connection works. Obviously you can adjust the IP’s to suit your circumstance and using a DNS provider that isn’t using your requests to market stuff to you is probably a good idea.
 
Soldato
OP
Joined
18 Apr 2003
Posts
2,674
Location
England
Thanks.
A typo in my settings above is the Default Gateway 192.168.2.10 is actually 192.168.2.1 + I advised Google DNS for compatibility in case anyone else with a similar issue tried my settings, so the same settings as you advised. Though will then only have access to the Draytek & no Internet.
Unless there's a setting on the Draytek thats not correct, I could provide screenshots? Apparently, Duckducking shows other users of the Vigor130 have the same issue, but setting the Vigor130 as a DHCP server does not work either.
I'm using Talktalk DNS 62.24.134.1 62.24.243.2 -unless there is a better DNS? I used to use a PiHole to remove adverts/Google but that leaked a DNS through Belgium.
 
Back
Top Bottom